MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c8403f07f35a2160c187db698b92e8a23a105c588fceaeb7aefe8ec562f8785d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: c8403f07f35a2160c187db698b92e8a23a105c588fceaeb7aefe8ec562f8785d
SHA3-384 hash: 824a3fb2ee725b0a0656da4a3822e05ac0160877c5737f21609f7ed41bf7eed95eb8eb42785a02a3543764c15659a7d2
SHA1 hash: 3a6bae6f97ffab7115f7cf0c3c5a56f7cfa11058
MD5 hash: 5bc3cec7389bd874fa9bd08e7b763664
humanhash: hamper-oregon-lamp-one
File name: 5bc3cec7389bd874fa9bd08e7b763664
File size: 3'271'680 bytes
First seen: 2020-11-17 11:52:56 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 2cdc8fa7d36812668471d29f730236e0
ssdeep: 98304:Z0LCWRGiSB7xEFK2lFUc0z4HWYEuuIdnv6D:2+FTRxel60E7ev6
Threatray: 3 similar samples on MalwareBazaar
TLSH: AFE5225D22A2C0E2D393E5F06C75CB7A205C7A7D181B8B553143A9DD2B63736E0E68B3
Reporter: seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 50
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Sending a UDP request
Running batch commands
Unauthorized injection to a system process
Threat name: Win32.Trojan.Enigma
Status: Malicious
First seen: 2020-11-07 16:00:49 UTC
AV detection: 20 of 29 (68.97%)
Threat level: 5/5
Result
Malware family: n/a
Score: 5/10
Tags: n/a
Behaviour
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext
Unpacked files
SHA256 hash: c8403f07f35a2160c187db698b92e8a23a105c588fceaeb7aefe8ec562f8785d
MD5 hash: 5bc3cec7389bd874fa9bd08e7b763664
SHA1 hash: 3a6bae6f97ffab7115f7cf0c3c5a56f7cfa11058
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other

Comments